Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by trojan or something else


  • This topic is locked This topic is locked
7 replies to this topic

#1 Duregarthemoon

Duregarthemoon

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 29 May 2018 - 12:16 AM

Hello, So i was going to download something that went through to adfly. I just klicked skip all but, instead redirecting me into download it redirect me into some malicious site that i think infected my browser. Computer become slow and i checked taskmanager there was some random file hogging all the memory, and seemed to download something i immediately put net off reseted chrome, and uninstalled it and restarted pc there was multiple of some weird files named Launch tm.exe files upon startup in task manager. I tried to scan with few programs but come mostly clean but this still bothers me. Now im unable even to download windows updates because it just tells me they are not avaible. Here are the logs.

 

Edit: I saw that update had something to do with avast messing up things on latest update so quess its blocked for reason.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Omistaja (administrator) on DESKTOP-R3UUUMF (29-05-2018 06:57:22)
Running from C:\Users\Omistaja\Downloads\Uusi kansio
Loaded Profiles: Omistaja (Available Profiles: Omistaja)
Platform: Windows 10 Home Version 1803 17134.48 (X64) Language: suomi (Suomi)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
() C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
(ASUSTeK) C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
() C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(FSPro Labs) C:\Program Files\My Lockbox\mylbx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(MAGIX AG) C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(ASUS Cloud Corporation) C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSPanel.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Omistaja\Downloads\Uusi kansio\FRST64english.exe
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8496344 2015-06-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1393880 2015-06-30] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [322472 2015-06-24] (Intel Corporation)
HKLM\...\Run: [mylbx] => C:\Program Files\My Lockbox\mylbx.exe [2920960 2018-01-26] (FSPro Labs)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-18] (AVAST Software)
HKLM-x32\...\Run: [WebStorage] => C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\ASUSWSLoader.exe [63296 2014-08-20] ()
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3200800 2018-05-19] (Valve Corporation)
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27831240 2018-03-13] (Skype Technologies S.A.)
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-04-21]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
Tcpip\Parameters: [DhcpNameServer] 192.168.0.254
Tcpip\..\Interfaces\{2a96e50c-036d-44e4-b5ac-1304e1f1926f}: [DhcpNameServer] 192.168.0.254
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2015-04-30] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
 
FireFox:
========
FF DefaultProfile: hbwp6lys.default-1527494008231
FF ProfilePath: C:\Users\Omistaja\AppData\Roaming\Mozilla\Firefox\Profiles\hbwp6lys.default-1527494008231 [2018-05-29]
FF Homepage: Mozilla\Firefox\Profiles\hbwp6lys.default-1527494008231 -> hxxps://www.google.fi/
FF Extension: (Adblock Plus) - C:\Users\Omistaja\AppData\Roaming\Mozilla\Firefox\Profiles\hbwp6lys.default-1527494008231\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-05-28]
FF Extension: (TLS 1.3 gradual roll-out fallback-limit) - C:\Users\Omistaja\AppData\Roaming\Mozilla\Firefox\Profiles\hbwp6lys.default-1527494008231\features\{4ca2ac47-9978-4b6b-9b91-444373b11bcc}\tls13-version-fallback-rollout-bug1462099@mozilla.org.xpi [2018-05-28] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_29_0_0_171.dll [2018-05-28] ()
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_29_0_0_171.dll [2018-05-28] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-03-24] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2014-11-15] ()
 
Chrome: 
=======
CHR Profile: C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default [2018-05-29]
CHR Extension: (Slides) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-05-28]
CHR Extension: (Docs) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-05-28]
CHR Extension: (Google Drive) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-05-28]
CHR Extension: (YouTube) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-05-28]
CHR Extension: (Sheets) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-05-28]
CHR Extension: (Google Docsin offline-tila) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-05-29]
CHR Extension: (Chrome Web Storen maksut) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-28]
CHR Extension: (Gmail) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\Omistaja\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-28]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - hxxp://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ====================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-11-06] ()
R2 Asus WebStorage Windows Service; C:\Program Files (x86)\ASUS\WebStorage\2.1.11.399\AsusWSWinService.exe [71168 2014-08-20] (ASUS Cloud Corporation) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-18] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-18] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6076936 2018-03-27] ()
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8633072 2018-05-28] (AVAST Software)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [774272 2018-03-28] (EasyAntiCheat Ltd)
R2 Fabs; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [1858048 2012-01-24] (MAGIX AG) [File not signed]
S3 FirebirdServerMAGIXInstance; C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2702848 2011-04-26] (MAGIX®) [File not signed]
S4 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [373312 2015-04-14] (WildTangent)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [18856 2015-06-24] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel® Corporation)
S3 Intel® Security Assist; C:\Program Files (x86)\Intel\Intel® Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
R2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [223008 2015-07-07] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6479136 2018-03-27] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [522688 2018-03-24] (NVIDIA Corporation)
S4 PEFService; C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe [1045336 2016-05-25] (Intel Security, Inc.)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
 
===================== Drivers (Whitelisted) ======================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R0 assdv2; C:\Windows\System32\Drivers\assdv2.sys [21816 2013-12-05] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2010-08-03] ()
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-18] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-05-08] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-05-08] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-05-08] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-05-08] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-18] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-18] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-18] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-18] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-18] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-18] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-18] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-18] (AVAST Software)
S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [53904 2018-05-08] (The OpenVPN Project)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-18] (AVAST Software)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2018-02-15] (Disc Soft Ltd)
R0 FSProFilter2; C:\WINDOWS\System32\Drivers\FSPFltd2.sys [57648 2011-06-03] (FSPro Labs)
U5 Ndisuio; C:\WINDOWS\System32\drivers\ndisuio.sys [65024 2018-04-12] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_c1a085cc86772d3f\nvlddmkm.sys [17544792 2018-03-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31168 2018-03-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2018-04-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [58816 2018-03-24] (NVIDIA Corporation)
S3 sshid; C:\WINDOWS\System32\drivers\sshid.sys [47944 2018-01-10] (SteelSeries ApS)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [28272 2018-05-28] ()
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-05-08] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [313888 2018-05-08] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [61472 2018-05-08] (Microsoft Corporation)
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-29 02:45 - 2018-05-29 02:46 - 000000000 ____D C:\Users\Omistaja\AppData\Local\NPE
2018-05-29 02:44 - 2018-05-29 06:37 - 000000000 ____D C:\WINDOWS\System32\Tasks\Remediation
2018-05-29 01:53 - 2018-05-29 01:53 - 000001339 _____ C:\Users\Omistaja\Desktop\Norton Installation Files.lnk
2018-05-29 01:50 - 2018-05-29 01:50 - 000000000 ____D C:\Users\Public\Downloads\Norton
2018-05-29 01:49 - 2018-05-29 01:50 - 001124792 _____ (Symantec Corporation) C:\Users\Omistaja\Downloads\NSDeluxeDownloader.exe
2018-05-29 01:49 - 2018-05-29 01:49 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(8).exe
2018-05-29 01:45 - 2018-05-29 01:45 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(7).exe
2018-05-29 01:42 - 2018-05-29 01:42 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(6).exe
2018-05-29 01:41 - 2018-05-29 06:27 - 000000624 ____H C:\WINDOWS\Tasks\Norton Product InstallerIdle.job
2018-05-29 01:41 - 2018-05-29 06:27 - 000000616 _____ C:\WINDOWS\Tasks\Norton Product Installer.job
2018-05-29 01:41 - 2018-05-29 01:41 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(5).exe
2018-05-29 01:41 - 2018-05-29 01:41 - 000003372 _____ C:\WINDOWS\System32\Tasks\Norton Product Installer
2018-05-29 01:41 - 2018-05-29 01:41 - 000003266 _____ C:\WINDOWS\System32\Tasks\Norton Product InstallerIdle
2018-05-29 01:40 - 2018-05-29 01:40 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(4).exe
2018-05-29 01:36 - 2018-05-29 01:36 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(3).exe
2018-05-29 01:34 - 2018-05-29 06:38 - 000000000 ____D C:\ProgramData\Norton
2018-05-29 01:34 - 2018-05-29 01:34 - 000000000 ____D C:\ProgramData\NortonInstaller
2018-05-29 01:33 - 2018-05-29 01:33 - 000793536 _____ (Symantec) C:\Users\Omistaja\Downloads\Setup(2).exe
2018-05-28 21:54 - 2018-05-28 22:03 - 000000000 ____D C:\Program Files\Recuva
2018-05-28 21:54 - 2018-05-28 21:54 - 000001706 _____ C:\Users\Public\Desktop\Recuva.lnk
2018-05-28 21:08 - 2018-05-28 21:08 - 005562976 _____ (Piriform Ltd) C:\Users\Omistaja\Downloads\rcsetup153.exe
2018-05-28 20:11 - 2018-05-29 06:57 - 000000000 ____D C:\Users\Omistaja\Downloads\Uusi kansio
2018-05-28 20:04 - 2018-05-28 20:05 - 001130840 _____ (Google Inc.) C:\Users\Omistaja\Downloads\ChromeSetup(3).exe
2018-05-28 20:04 - 2018-05-28 20:04 - 000002374 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-28 20:04 - 2018-05-28 20:04 - 000002333 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-28 20:03 - 2018-05-28 20:03 - 001130840 _____ (Google Inc.) C:\Users\Omistaja\Downloads\ChromeSetup(2).exe
2018-05-28 11:32 - 2018-05-28 11:32 - 006981240 _____ (ESET spol. s r.o.) C:\Users\Omistaja\Downloads\esetonlinescanner_enu(4).exe
2018-05-28 11:27 - 2018-05-28 11:27 - 000468480 _____ () C:\Users\Omistaja\Downloads\CKScanner(1).exe
2018-05-28 10:09 - 2018-05-28 10:09 - 000128216 _____ (Webroot) C:\WINDOWS\system32\Drivers\WRkrn.sys
2018-05-28 10:09 - 2018-05-28 10:09 - 000128216 _____ (Webroot) C:\WINDOWS\system32\Drivers\slQGhglR.sys
2018-05-28 10:08 - 2018-05-28 10:08 - 000000120 _____ C:\Users\Omistaja\Downloads\SecurityProductInformation.ini
2018-05-28 10:05 - 2018-05-28 10:05 - 003688336 _____ (Webroot) C:\Users\Omistaja\Downloads\wsainstall.exe
2018-05-28 09:45 - 2018-05-28 09:45 - 000012872 _____ (SurfRight B.V.) C:\WINDOWS\system32\bootdelete.exe
2018-05-28 09:45 - 2018-05-28 09:45 - 000000402 _____ C:\WINDOWS\system32\bootdelete.lst
2018-05-28 09:33 - 2018-05-28 09:33 - 000055232 _____ C:\WINDOWS\system32\Drivers\hitmanpro37.sys
2018-05-28 09:32 - 2018-05-28 09:32 - 000000000 ____D C:\Program Files\HitmanPro
2018-05-28 09:26 - 2018-05-28 09:46 - 000000000 ____D C:\ProgramData\HitmanPro
2018-05-28 09:25 - 2018-05-28 09:25 - 011605440 _____ (SurfRight B.V.) C:\Users\Omistaja\Downloads\HitmanPro_x64(3).exe
2018-05-28 08:41 - 2018-05-28 08:42 - 000183746 _____ C:\TDSSKiller.3.1.0.16_28.05.2018_08.41.41_log.txt
2018-05-28 07:34 - 2018-05-28 07:35 - 011605440 _____ (SurfRight B.V.) C:\Users\Omistaja\Downloads\HitmanPro_x64(2).exe
2018-05-28 07:28 - 2018-05-28 07:28 - 001130840 _____ (Google Inc.) C:\Users\Omistaja\Downloads\ChromeSetup(1).exe
2018-05-28 06:45 - 2018-05-28 06:45 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(8).exe
2018-05-28 06:41 - 2018-05-28 06:41 - 001790024 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\JRT(2).exe
2018-05-28 06:22 - 2018-05-28 06:22 - 001802704 _____ (Bleeping Computer, LLC) C:\Users\Omistaja\Downloads\rkill(1).exe
2018-05-28 02:04 - 2018-05-28 02:05 - 294173501 _____ C:\Users\Omistaja\Downloads\srtuf.mp4
2018-05-28 01:54 - 2018-05-28 01:55 - 027045960 _____ (Adlice Software) C:\Users\Omistaja\Downloads\RogueKiller_portable64(2).exe
2018-05-27 21:52 - 2018-05-27 21:52 - 001468824 _____ C:\Users\Omistaja\Downloads\PZC_Simply Black Caps Pack.package
2018-05-27 19:58 - 2018-05-27 19:58 - 022684427 _____ C:\Users\Omistaja\Downloads\FRS Adriana SKIN.package
2018-05-27 19:44 - 2018-05-27 19:44 - 005727820 _____ C:\Users\Omistaja\Downloads\RemusSirion_children-Skin_01_overlay(1).package
2018-05-27 19:30 - 2018-05-27 19:30 - 034180071 _____ C:\Users\Omistaja\Downloads\RemusSirion_children-Skin_01(1).package
2018-05-27 05:16 - 2018-05-27 05:16 - 000000000 ____D C:\Users\Omistaja\AppData\Local\SummerCamp
2018-05-26 20:21 - 2018-05-26 20:23 - 085694480 _____ (Rockstar Games) C:\Users\Omistaja\Downloads\Social Club Latest Setup.exe
2018-05-26 08:28 - 2018-05-26 08:28 - 000004053 _____ C:\Users\Omistaja\Downloads\OneEuroMutt = Amputee- Foot - Leg (Left).package
2018-05-26 06:27 - 2018-05-26 06:27 - 000000960 _____ C:\Users\Public\Desktop\The Sims 3 Complete Collection.lnk
2018-05-26 05:27 - 2018-05-26 05:27 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-05-25 21:18 - 2018-05-25 21:18 - 001790024 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\JRT(1).exe
2018-05-25 21:12 - 2018-05-25 21:12 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(7).exe
2018-05-25 19:32 - 2018-05-25 19:32 - 003625867 _____ C:\Users\Omistaja\Downloads\necrodog-Creaturetronix200-functional.package
2018-05-25 16:22 - 2018-05-25 18:31 - 000000000 ____D C:\Users\Omistaja\Documents\EA Games
2018-05-25 16:22 - 2018-05-25 16:22 - 000000000 ____D C:\Users\Public\Documents\EA Games
2018-05-25 14:50 - 2018-05-25 17:22 - 000001275 _____ C:\Users\Public\Desktop\The Sims 2 Ultimate Collection.lnk
2018-05-25 14:50 - 2018-05-25 14:50 - 000001278 _____ C:\Users\Public\Desktop\The Sims 2 Body Shop.lnk
2018-05-25 12:35 - 2018-05-25 12:35 - 000992673 _____ C:\Users\Omistaja\Downloads\necrodog-recipe-grill-baby-shaped-meat-all.package
2018-05-25 11:23 - 2018-05-25 11:23 - 000575557 _____ C:\Users\Omistaja\Downloads\[Sintiklia] - Colorful sharp nails.package
2018-05-25 11:21 - 2018-05-25 11:21 - 000055410 _____ C:\Users\Omistaja\Downloads\[Sintiklia] - Colorful sharp nails_RECOLOR-by-RemusSims(1).package
2018-05-25 11:20 - 2018-05-25 11:20 - 000055410 _____ C:\Users\Omistaja\Downloads\[Sintiklia] - Colorful sharp nails_RECOLOR-by-RemusSims.package
2018-05-25 11:19 - 2018-05-25 11:19 - 000355739 _____ C:\Users\Omistaja\Downloads\RemusSirion_MonsterTeeth-05_teethCategory.package
2018-05-25 07:14 - 2018-05-25 07:14 - 000399947 _____ C:\Users\Omistaja\Downloads\CandyDoll_CuteBright Eyes.package
2018-05-25 05:31 - 2018-05-25 05:31 - 004035013 _____ C:\Users\Omistaja\Downloads\PS_ShinigamiMask.package
2018-05-25 05:01 - 2018-05-25 05:01 - 000406259 _____ C:\Users\Omistaja\Downloads\AnatomicAndi's_BJD_Skin(1).package
2018-05-25 04:55 - 2018-05-25 04:55 - 001857536 _____ (Oriko Industries) C:\Users\Omistaja\Downloads\YandereSimLauncher.exe
2018-05-25 02:43 - 2018-05-25 16:55 - 000000000 ____D C:\Users\Omistaja\Desktop\Uusi kansio (4)
2018-05-24 19:45 - 2018-05-24 19:45 - 000001070 _____ C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2018-05-24 19:41 - 2018-05-24 19:41 - 006473712 _____ (Black Tree Gaming ) C:\Users\Omistaja\Downloads\0.65.2-4-0-65-2.exe
2018-05-24 19:39 - 2018-05-24 19:39 - 006792909 _____ (Black Tree Gaming ) C:\Users\Omistaja\Downloads\Nexus.Mod.Manager-0.65.5.exe
2018-05-24 06:11 - 2018-05-24 06:11 - 001378804 _____ C:\Users\Omistaja\Downloads\jens85_CustomAnimations_1.0(1).package
2018-05-24 03:16 - 2018-05-24 03:17 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(6).exe
2018-05-24 03:16 - 2018-05-24 03:17 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(5).exe
2018-05-23 16:39 - 2018-05-23 16:39 - 000311803 _____ C:\Users\Omistaja\Downloads\Lavoieri_HarleyQuinnBottom.package
2018-05-23 16:31 - 2018-05-23 16:31 - 000202604 _____ C:\Users\Omistaja\Downloads\CCkZ_Suicid_Harley.package
2018-05-23 16:24 - 2018-05-23 16:24 - 000271917 _____ C:\Users\Omistaja\Downloads\AmiSwift_HQ_Tattoo.package
2018-05-21 23:51 - 2018-05-21 23:51 - 000129994 _____ C:\Users\Omistaja\Downloads\[NAAS]AnimeFaceShadow(1).package
2018-05-21 23:33 - 2018-05-21 23:33 - 001378804 _____ C:\Users\Omistaja\Downloads\jens85_CustomAnimations_1.0.package
2018-05-21 22:02 - 2018-05-21 22:02 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Origin
2018-05-21 21:14 - 2018-05-21 21:14 - 000000711 _____ C:\Users\Public\Desktop\The Sims 4 x64.lnk
2018-05-21 21:14 - 2018-05-21 21:14 - 000000699 _____ C:\Users\Public\Desktop\The Sims 4.lnk
2018-05-21 04:40 - 2018-05-21 04:40 - 000609452 _____ C:\Users\Omistaja\Downloads\[NAAS]cas-fUniformRetexturesV2Part1(1).package
2018-05-20 17:53 - 2018-05-20 17:53 - 000000906 _____ C:\Users\Public\Desktop\Icaros.lnk
2018-05-20 17:53 - 2018-05-20 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Icaros
2018-05-20 17:53 - 2018-05-20 17:53 - 000000000 ____D C:\Program Files\Icaros
2018-05-20 17:51 - 2018-05-20 17:51 - 008719868 _____ (Tabibito Technology ) C:\Users\Omistaja\Downloads\Icaros_v3.0.3.exe
2018-05-20 13:07 - 2018-05-20 13:07 - 000000222 _____ C:\Users\Omistaja\Desktop\SoulWorker.url
2018-05-19 21:16 - 2018-05-19 21:16 - 000001027 _____ C:\Users\Omistaja\Desktop\Fallout Mod Manager.lnk
2018-05-19 21:16 - 2018-05-19 21:16 - 000000000 ____D C:\Users\Omistaja\AppData\Local\FOMM
2018-05-19 21:16 - 2018-05-19 21:16 - 000000000 ____D C:\Program Files (x86)\GeMM
2018-05-19 21:15 - 2018-05-19 21:15 - 001404186 _____ (Q, Timeslip ) C:\Users\Omistaja\Downloads\FOMM-36901-0-13-21.exe
2018-05-19 03:47 - 2018-05-25 08:10 - 000000000 ____D C:\Users\Omistaja\Downloads\YandereSimulator_Data
2018-05-19 00:58 - 2018-05-19 00:59 - 053793728 _____ C:\Users\Omistaja\Downloads\torbrowser-install-7.5.4_en-US.exe
2018-05-18 21:12 - 2018-05-18 21:12 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Fallout4ModManager
2018-05-18 21:01 - 2018-05-18 21:01 - 012715665 _____ C:\Users\Omistaja\Downloads\Mod Organizer 2 (Installer Version)-6194-2-1-3.exe
2018-05-18 20:57 - 2018-05-18 20:57 - 019136711 _____ (Wrye Bash development team) C:\Users\Omistaja\Downloads\Wrye Bash 307 Beta2 - Installer-20032-307-beta2.exe
2018-05-18 20:37 - 2018-05-27 07:03 - 000000000 ____D C:\Users\Omistaja\Desktop\Uusi kansio (3)
2018-05-18 13:04 - 2018-05-18 13:04 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-17 23:02 - 2018-05-17 23:02 - 005112480 _____ (Husdawg, LLC) C:\Users\Omistaja\Downloads\Detection (6).exe
2018-05-17 23:00 - 2018-05-17 23:00 - 005112480 _____ (Husdawg, LLC) C:\Users\Omistaja\Downloads\Detection (5).exe
2018-05-17 22:53 - 2018-05-17 22:53 - 000000000 ___HD C:\$SysReset
2018-05-17 22:20 - 2018-05-26 23:58 - 000000000 ____D C:\Users\Omistaja\Desktop\Uusi kansio (2)
2018-05-17 21:52 - 2018-05-17 21:52 - 000000000 ____D C:\Users\Omistaja\AppData\Local\CPUID
2018-05-17 21:36 - 2018-05-17 21:36 - 000001492 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-05-17 21:34 - 2018-05-17 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-17 21:34 - 2018-03-24 03:19 - 002480064 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-05-17 21:34 - 2018-03-24 03:19 - 002137024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-05-17 21:34 - 2018-03-24 03:19 - 001310144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-05-17 21:33 - 2018-05-17 21:33 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-05-17 21:33 - 2018-03-24 03:19 - 000189784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2018-05-17 21:33 - 2018-03-24 03:19 - 000152408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2018-05-17 21:33 - 2018-03-24 01:05 - 000138120 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-17 21:33 - 2017-12-09 00:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-05-17 21:33 - 2017-12-09 00:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-05-17 21:33 - 2017-12-09 00:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-05-17 21:33 - 2017-12-09 00:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-05-17 21:32 - 2018-03-24 03:19 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-05-17 21:09 - 2018-05-17 21:10 - 044984120 _____ (NVIDIA Corporation) C:\Users\Omistaja\Downloads\GeForce_Experience_v2.11.4.0(1).exe
2018-05-14 23:08 - 2018-05-14 23:08 - 016634049 _____ C:\Users\Omistaja\Downloads\55c789-Deadpool Movie.zip
2018-05-14 22:10 - 2018-05-14 22:10 - 000001354 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2018-05-14 21:52 - 2018-05-14 21:52 - 000006760 _____ C:\Users\Omistaja\Downloads\Fixlog (3).txt
2018-05-14 21:52 - 2018-05-14 21:52 - 000006760 _____ C:\Users\Omistaja\Downloads\Fixlog (2).txt
2018-05-14 21:52 - 2018-05-14 21:52 - 000006760 _____ C:\Users\Omistaja\Downloads\Fixlog (1).txt
2018-05-14 19:38 - 2018-05-14 19:38 - 001790024 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\JRT (1).exe
2018-05-14 19:28 - 2018-05-14 22:10 - 000005159 _____ C:\Users\Omistaja\Downloads\Fixlog.txt
2018-05-14 19:18 - 2018-05-14 19:18 - 001790024 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\JRT.exe
2018-05-14 19:08 - 2018-05-14 19:08 - 003480040 _____ (McAfee, Inc.) C:\Users\Omistaja\Downloads\MCPR (2).exe
2018-05-14 19:08 - 2018-05-14 19:08 - 003480040 _____ (McAfee, Inc.) C:\Users\Omistaja\Downloads\MCPR (1).exe
2018-05-14 16:48 - 2018-05-28 11:29 - 000001525 _____ C:\Users\Omistaja\Downloads\ckfiles.txt
2018-05-14 16:36 - 2018-05-14 16:36 - 000001525 _____ C:\WINDOWS\SysWOW64\ckfiles.txt
2018-05-14 09:30 - 2018-05-14 09:30 - 116342507 _____ C:\Users\Omistaja\Downloads\mothersday.mp4
2018-05-14 08:30 - 2018-05-14 08:30 - 000468480 _____ () C:\Users\Omistaja\Downloads\CKScanner (2).exe
2018-05-14 08:29 - 2018-05-14 08:29 - 000468480 _____ () C:\Users\Omistaja\Downloads\CKScanner (1).exe
2018-05-14 08:28 - 2018-05-14 08:28 - 000468480 _____ () C:\Users\Omistaja\Downloads\CKScanner.exe
2018-05-13 23:46 - 2018-05-13 23:46 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(4).exe
2018-05-13 23:42 - 2018-05-13 23:42 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (8).txt
2018-05-13 23:08 - 2018-05-13 23:08 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (7).txt
2018-05-13 23:01 - 2018-05-13 23:01 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (6).txt
2018-05-13 22:56 - 2018-05-13 22:56 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (5).txt
2018-05-13 22:55 - 2018-05-13 22:55 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (4).txt
2018-05-13 22:53 - 2018-05-13 22:53 - 000041768 _____ C:\Users\Omistaja\Downloads\Addition (1).txt
2018-05-13 22:52 - 2018-05-13 22:52 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (3).txt
2018-05-13 22:49 - 2018-05-13 22:49 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (2).txt
2018-05-13 22:48 - 2018-05-13 22:48 - 000131517 _____ C:\Users\Omistaja\Downloads\FRST (1).txt
2018-05-13 22:17 - 2018-05-14 20:47 - 000130645 _____ C:\Users\Omistaja\Downloads\FRST.txt
2018-05-13 22:11 - 2018-05-13 22:11 - 000000000 ____D C:\Users\Omistaja\Downloads\FRST-OlderVersion
2018-05-13 18:38 - 2018-05-13 18:38 - 000000000 ____D C:\Users\Omistaja\AppData\Local\ESET
2018-05-13 18:37 - 2018-05-13 18:37 - 006968952 _____ (ESET spol. s r.o.) C:\Users\Omistaja\Downloads\esetonlinescanner_enu(3).exe
2018-05-13 18:21 - 2018-05-13 18:21 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(3).exe
2018-05-13 13:48 - 2018-05-17 21:52 - 000000000 ____D C:\Users\Omistaja\Desktop\Textures
2018-05-13 10:44 - 2018-05-13 10:44 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft Wireless Network Watcher
2018-05-13 10:44 - 2018-05-13 10:44 - 000000000 ____D C:\Program Files (x86)\NirSoft
2018-05-13 10:43 - 2018-05-13 10:43 - 000431728 _____ C:\Users\Omistaja\Downloads\wnetwatcher_setup.exe
2018-05-12 11:02 - 2018-05-12 11:02 - 000000000 ____D C:\Users\Omistaja\Documents\Guild Wars
2018-05-12 11:01 - 2018-05-12 11:01 - 000165248 _____ (ArenaNet) C:\Users\Omistaja\Downloads\GwSetup.exe
2018-05-10 19:48 - 2018-05-20 16:41 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\RenPy
2018-05-10 16:13 - 2018-05-14 20:47 - 000040687 _____ C:\Users\Omistaja\Downloads\Addition.txt
2018-05-10 16:07 - 2018-05-13 22:11 - 002404864 _____ (Farbar) C:\Users\Omistaja\Downloads\FRST64english.exe
2018-05-10 15:28 - 2018-05-10 15:29 - 000510558 _____ C:\TDSSKiller.3.1.0.17_10.05.2018_15.28.00_log.txt
2018-05-10 15:24 - 2018-05-10 15:25 - 000188648 _____ C:\TDSSKiller.3.1.0.17_10.05.2018_15.24.17_log.txt
2018-05-10 15:22 - 2018-05-10 15:22 - 000000562 _____ C:\TDSSKiller.3.1.0.17_10.05.2018_15.22.11_log.txt
2018-05-10 14:49 - 2018-05-28 08:26 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2018-05-10 14:47 - 2018-05-10 14:47 - 000000000 ____D C:\WINDOWS\pss
2018-05-10 14:42 - 2018-05-10 14:43 - 036639176 _____ (Adlice Software ) C:\Users\Omistaja\Downloads\RogueKiller_setup(1).exe
2018-05-10 14:41 - 2018-05-10 15:24 - 000000000 ____D C:\Users\Omistaja\Desktop\Uusi kansio
2018-05-10 14:38 - 2018-05-10 17:08 - 000000000 ____D C:\WINDOWS\Minidump
2018-05-10 09:36 - 2018-05-10 09:36 - 000000000 ____D C:\ProgramData\Oracle
2018-05-10 09:34 - 2018-05-10 09:34 - 001881544 _____ (Oracle Corporation) C:\Users\Omistaja\Downloads\JavaSetup8u171(2).exe
2018-05-10 09:30 - 2018-05-10 09:30 - 001881544 _____ (Oracle Corporation) C:\Users\Omistaja\Downloads\JavaSetup8u171(1).exe
2018-05-10 09:29 - 2018-05-10 09:30 - 001881544 _____ (Oracle Corporation) C:\Users\Omistaja\Downloads\JavaSetup8u171.exe
2018-05-09 07:25 - 2018-05-09 07:25 - 000255928 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\3643336D.sys
2018-05-09 07:24 - 2018-05-09 07:42 - 000000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2018-05-09 07:24 - 2018-05-09 07:24 - 000000000 ____D C:\Users\Omistaja\Desktop\Mbarrr2
2018-05-09 07:23 - 2018-05-09 07:23 - 014178840 _____ (Malwarebytes Corp.) C:\Users\Omistaja\Downloads\mbar-1.10.3.1001(1).exe
2018-05-09 06:09 - 2018-05-09 06:09 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\AdwCleaner(2).exe
2018-05-09 05:59 - 2018-04-28 16:19 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-09 05:59 - 2018-04-28 16:17 - 001634800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-09 05:59 - 2018-04-28 16:04 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-09 05:59 - 2018-04-28 16:03 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-09 05:59 - 2018-04-28 16:03 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-09 05:59 - 2018-04-28 16:00 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-09 05:59 - 2018-04-28 15:59 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-09 05:59 - 2018-04-28 15:58 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-05-09 05:59 - 2018-04-28 15:58 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-09 05:59 - 2018-04-28 15:58 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-09 05:59 - 2018-04-28 15:58 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-05-09 05:59 - 2018-04-28 15:31 - 001454016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-09 05:59 - 2018-04-28 15:28 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-09 05:59 - 2018-04-28 15:18 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-09 05:59 - 2018-04-28 15:17 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-09 05:59 - 2018-04-28 15:16 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-09 05:59 - 2018-04-28 15:14 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-09 05:59 - 2018-04-28 15:14 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-09 05:59 - 2018-04-28 15:13 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-09 05:59 - 2018-04-28 15:13 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-09 05:59 - 2018-04-28 15:12 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-09 05:59 - 2018-04-28 13:20 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-05-09 05:59 - 2018-04-28 13:17 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-05-09 05:59 - 2018-04-28 13:04 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-09 05:59 - 2018-04-28 13:02 - 003732800 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-09 05:59 - 2018-04-28 12:58 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-09 05:59 - 2018-04-28 12:58 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-09 05:59 - 2018-04-28 11:33 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-09 05:59 - 2018-04-28 11:30 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-09 05:59 - 2018-04-28 08:18 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-05-09 05:59 - 2018-04-28 06:37 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-09 05:59 - 2018-04-28 06:35 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-09 05:59 - 2018-04-28 06:35 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-09 05:59 - 2018-04-28 06:31 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-05-09 05:59 - 2018-04-28 06:31 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-09 05:59 - 2018-04-28 06:30 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-09 05:59 - 2018-04-28 06:29 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-09 05:59 - 2018-04-28 06:29 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-09 05:59 - 2018-04-28 06:29 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-09 05:59 - 2018-04-28 06:29 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-09 05:59 - 2018-04-28 06:29 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-09 05:59 - 2018-04-28 06:29 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-09 05:59 - 2018-04-28 06:29 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-09 05:59 - 2018-04-28 06:29 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-09 05:59 - 2018-04-28 06:29 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-09 05:59 - 2018-04-28 06:29 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-09 05:59 - 2018-04-28 06:28 - 007436624 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-09 05:59 - 2018-04-28 06:28 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-09 05:59 - 2018-04-28 06:28 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-05-09 05:59 - 2018-04-28 06:28 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-09 05:59 - 2018-04-28 06:27 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-09 05:59 - 2018-04-28 06:27 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-09 05:59 - 2018-04-28 06:27 - 002835864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-09 05:59 - 2018-04-28 06:27 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-09 05:59 - 2018-04-28 06:27 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-09 05:59 - 2018-04-28 06:27 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-09 05:59 - 2018-04-28 06:27 - 000733992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-09 05:59 - 2018-04-28 06:27 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-09 05:59 - 2018-04-28 06:14 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-09 05:59 - 2018-04-28 06:14 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-09 05:59 - 2018-04-28 06:13 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-09 05:59 - 2018-04-28 06:13 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-09 05:59 - 2018-04-28 06:13 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-09 05:59 - 2018-04-28 06:13 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-09 05:59 - 2018-04-28 06:13 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-05-09 05:59 - 2018-04-28 06:13 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-09 05:59 - 2018-04-28 06:12 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-09 05:59 - 2018-04-28 06:12 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-09 05:59 - 2018-04-28 06:12 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-09 05:59 - 2018-04-28 06:11 - 025848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-09 05:59 - 2018-04-28 06:05 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-09 05:59 - 2018-04-28 06:04 - 022707712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-09 05:59 - 2018-04-28 06:04 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-09 05:59 - 2018-04-28 06:04 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-09 05:59 - 2018-04-28 06:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-09 05:59 - 2018-04-28 06:02 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-09 05:59 - 2018-04-28 06:00 - 007583232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-09 05:59 - 2018-04-28 06:00 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-09 05:59 - 2018-04-28 06:00 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-09 05:59 - 2018-04-28 05:59 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-09 05:59 - 2018-04-28 05:58 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-09 05:59 - 2018-04-28 05:58 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-09 05:59 - 2018-04-28 05:58 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-09 05:59 - 2018-04-28 05:58 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-09 05:59 - 2018-04-28 05:58 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-09 05:59 - 2018-04-28 05:57 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-09 05:59 - 2018-04-28 05:57 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-09 05:59 - 2018-04-28 05:56 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-09 05:59 - 2018-04-28 05:56 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-09 05:59 - 2018-04-28 05:55 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-09 05:59 - 2018-04-28 05:54 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-09 05:59 - 2018-04-28 05:53 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-09 05:59 - 2018-04-28 05:53 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-09 05:59 - 2018-04-28 05:53 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-09 05:59 - 2018-04-28 05:53 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-09 05:59 - 2018-04-28 05:52 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-09 05:59 - 2018-04-28 05:52 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-09 05:59 - 2018-04-28 05:52 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-09 05:59 - 2018-04-28 05:52 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-09 05:59 - 2018-04-28 05:51 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-09 05:59 - 2018-04-28 05:51 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-09 05:59 - 2018-04-28 05:51 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-09 05:59 - 2018-04-28 04:43 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-09 05:59 - 2018-04-28 04:42 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-05-09 05:58 - 2018-04-28 16:03 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-09 05:58 - 2018-04-28 16:02 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-09 05:58 - 2018-04-28 16:02 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-09 05:58 - 2018-04-28 16:01 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-09 05:58 - 2018-04-28 15:59 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-09 05:58 - 2018-04-28 15:16 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-09 05:58 - 2018-04-28 15:14 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-09 05:58 - 2018-04-28 06:03 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-09 05:58 - 2018-04-28 06:03 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-09 05:58 - 2018-04-28 06:03 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-09 05:58 - 2018-04-28 06:03 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-09 05:58 - 2018-04-28 06:02 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-09 05:58 - 2018-04-28 06:02 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-09 05:58 - 2018-04-28 06:02 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-09 05:58 - 2018-04-28 06:01 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-09 05:58 - 2018-04-28 06:01 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-09 05:58 - 2018-04-28 06:01 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-09 05:58 - 2018-04-28 06:00 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-09 05:58 - 2018-04-28 05:59 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-09 05:58 - 2018-04-28 05:57 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-09 05:58 - 2018-04-28 05:57 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-09 05:58 - 2018-04-28 05:56 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-09 05:58 - 2018-04-28 05:56 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-09 05:58 - 2018-04-28 05:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-09 05:58 - 2018-04-28 05:55 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-09 05:58 - 2018-04-28 05:54 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-09 05:58 - 2018-04-28 05:53 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-09 05:58 - 2018-04-28 05:52 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-09 05:57 - 2018-05-09 05:57 - 000852798 _____ C:\Users\Omistaja\Downloads\SecurityCheck(1).exe
2018-05-08 22:16 - 2018-05-08 22:17 - 000012418 _____ C:\Users\Omistaja\Desktop\MBRCheck_05.08.18_22.16.43.txt
2018-05-08 22:15 - 2018-05-08 22:15 - 000080384 _____ C:\Users\Omistaja\Downloads\MBRCheck.exe
2018-05-08 21:25 - 2018-05-29 06:43 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Skype
2018-05-08 21:25 - 2018-05-08 21:25 - 000002646 _____ C:\Users\Public\Desktop\Skype.lnk
2018-05-08 21:25 - 2018-05-08 21:25 - 000000000 ___RD C:\Program Files (x86)\Skype
2018-05-08 21:24 - 2018-05-08 21:25 - 000000000 ____D C:\ProgramData\Skype
2018-05-08 21:23 - 2018-05-08 21:24 - 058834376 _____ (Skype Technologies S.A.) C:\Users\Omistaja\Downloads\SkypeSetupFull.exe
2018-05-08 21:01 - 2018-05-08 21:02 - 062741696 _____ (Skype Technologies S.A.) C:\Users\Omistaja\Downloads\Skype-8.20.0.9.exe
2018-05-08 20:24 - 2018-05-19 21:05 - 000000000 ____D C:\Users\Omistaja\AppData\Local\FalloutNV
2018-05-08 07:07 - 2018-05-28 05:19 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2018-05-08 07:07 - 2018-05-08 07:07 - 000001986 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-05-08 07:07 - 2018-05-08 07:07 - 000001974 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2018-05-08 07:07 - 2018-05-08 07:07 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\AVAST Software
2018-05-08 07:06 - 2018-05-18 13:04 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-08 07:06 - 2018-05-18 13:04 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-08 07:06 - 2018-05-18 13:03 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-08 07:06 - 2018-05-18 13:03 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-08 07:06 - 2018-05-08 07:05 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-05-08 07:06 - 2018-05-08 07:05 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-05-08 07:06 - 2018-05-08 07:05 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-05-08 07:06 - 2018-05-08 07:05 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-05-08 07:05 - 2018-05-08 07:05 - 000053904 _____ (The OpenVPN Project) C:\WINDOWS\system32\Drivers\aswTap.sys
2018-05-08 07:03 - 2018-05-08 07:03 - 000000000 ____D C:\Program Files\AVAST Software
2018-05-08 07:02 - 2018-05-08 07:02 - 007319960 _____ (AVAST Software) C:\Users\Omistaja\Downloads\avast_free_antivirus_setup_online(1).exe
2018-05-08 06:34 - 2018-05-08 06:34 - 002519088 _____ (Kaspersky Lab) C:\Users\Omistaja\Downloads\kav18.0.0.405aben_12534.exe
2018-05-08 06:34 - 2018-05-08 06:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2018-05-08 06:33 - 2018-05-08 06:33 - 002343480 _____ (Kaspersky Lab) C:\Users\Omistaja\Downloads\kis18.0.0.405abcden_13440.exe
2018-05-08 06:24 - 2018-05-08 06:24 - 010160608 _____ C:\Users\Omistaja\Downloads\bitdefender_online.exe
2018-05-08 06:10 - 2018-05-08 06:23 - 000000000 _____ C:\WINDOWS\SysWOW64\last.dump
2018-05-04 05:56 - 2018-05-09 09:12 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Glyph
2018-05-04 05:56 - 2018-05-04 05:56 - 000000000 ____D C:\ProgramData\Glyph
2018-05-03 16:10 - 2018-05-03 16:10 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(2).exe
2018-05-03 14:23 - 2018-05-04 11:14 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Avast Tuneup
2018-05-02 17:34 - 2018-05-02 17:34 - 000141674 _____ C:\Users\Omistaja\Downloads\ExecutionMod.cs
2018-05-02 12:28 - 2018-05-28 08:47 - 000000000 ____D C:\Users\Omistaja\AppData\Local\D3DSCache
2018-05-02 12:27 - 2018-05-02 12:27 - 000001417 _____ C:\Users\Omistaja\Desktop\Microsoft Edge.lnk
2018-05-02 12:27 - 2018-05-02 12:27 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-02 12:21 - 2018-05-02 12:21 - 000000020 ___SH C:\Users\Omistaja\ntuser.ini
2018-05-02 12:20 - 2018-05-29 06:38 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-02 12:20 - 2018-05-02 12:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-544805583-3260788696-181003874-1001
2018-05-02 12:20 - 2018-05-02 12:20 - 000000000 ____D C:\WINDOWS\System32\Tasks\ASUS
2018-05-02 12:19 - 2018-05-02 12:19 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-05-02 12:19 - 2018-05-02 12:19 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-05-02 12:08 - 2018-05-29 06:46 - 001346770 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-02 12:01 - 2018-05-02 12:01 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-02 11:59 - 2018-05-10 14:47 - 000000000 ____D C:\Users\Omistaja
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Verkkoympäristö
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Tulostinympäristö
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Omat tiedostot
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Mallit
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Käynnistä-valikko
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Documents\Omat videotiedostot
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Documents\Omat musiikkitiedostot
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\Documents\Omat kuvatiedostot
2018-05-02 11:59 - 2018-05-02 11:59 - 000000000 _SHDL C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Ohjelmat
2018-05-02 11:59 - 2018-04-12 01:34 - 000001105 _____ C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-02 11:57 - 2018-03-25 18:17 - 000541784 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-05-02 11:57 - 2018-03-25 18:17 - 000447576 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-05-02 11:56 - 2018-05-02 11:56 - 000000000 ____D C:\ProgramData\USOShared
2018-05-02 11:55 - 2018-05-02 11:55 - 000001288 _____ C:\Users\Public\Desktop\AudioWizard.lnk
2018-05-02 11:55 - 2018-05-02 11:55 - 000000000 ____D C:\Program Files\Waves
2018-05-02 11:55 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-02 11:52 - 2018-05-29 03:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-02 11:52 - 2018-05-09 06:19 - 000371104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-02 11:27 - 2018-05-02 11:51 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-02 11:25 - 2018-05-02 11:27 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-02 11:11 - 2018-05-02 11:11 - 007702016 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Models0011.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 007406080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Data0011.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 007242240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NL7Data0011.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 006350848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 005487616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 002454528 _____ (Microsoft Corporation) C:\WINDOWS\system32\NL7Lexicons0011.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000712704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSWB70011.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSWB70011.dll
2018-05-02 11:11 - 2018-05-02 11:11 - 000002060 _____ C:\WINDOWS\system32\noise.jpn
2018-05-02 11:10 - 2018-05-02 11:29 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-05-02 11:10 - 2018-05-02 11:10 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-02 11:10 - 2018-05-02 11:10 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-02 11:10 - 2018-05-02 11:10 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-02 11:10 - 2018-05-02 11:10 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-02 11:10 - 2018-05-02 11:10 - 000000000 ____D C:\Program Files\MSBuild
2018-05-02 11:10 - 2018-05-02 11:10 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-05-02 11:10 - 2018-05-02 11:10 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-05-02 11:08 - 2018-05-02 11:08 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-02 11:08 - 2018-05-02 11:08 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-02 11:08 - 2018-05-02 11:08 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-02 11:08 - 2018-05-02 11:08 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-05-02 11:08 - 2018-05-02 11:08 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-02 10:56 - 2018-05-02 10:56 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-02 09:41 - 2018-05-06 15:34 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-02 06:06 - 2018-05-02 06:11 - 001804546 _____ C:\TDSSKiller.3.1.0.17_02.05.2018_06.06.34_log.txt
2018-05-02 06:04 - 2018-05-02 06:04 - 000006812 _____ C:\TDSSKiller.3.1.0.17_02.05.2018_06.04.33_log.txt
2018-05-02 04:06 - 2018-05-02 04:07 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1(1).exe
2018-05-01 05:19 - 2018-05-01 05:20 - 036608800 _____ (Adlice Software ) C:\Users\Omistaja\Downloads\RogueKiller_setup.exe
2018-05-01 00:07 - 2018-05-01 00:07 - 007271632 _____ (Malwarebytes) C:\Users\Omistaja\Downloads\adwcleaner_7.1.1.exe
2018-04-30 12:30 - 2018-05-02 06:33 - 000000000 ____D C:\Users\Omistaja\AppData\Local\2K Games
2018-04-30 03:49 - 2018-04-30 03:49 - 000000000 ____D C:\ProgramData\XLive
2018-04-30 02:29 - 2018-04-30 02:43 - 000001039 _____ C:\Users\Public\Desktop\Grand Theft Auto IV.lnk
2018-04-30 02:29 - 2018-04-30 02:43 - 000001029 _____ C:\Users\Public\Desktop\Grand Theft Auto - EFLC.lnk
2018-04-29 03:51 - 2018-05-28 08:29 - 000028272 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2018-04-29 03:51 - 2018-05-26 21:26 - 000000000 ____D C:\Program Files\RogueKiller
2018-04-29 03:51 - 2018-05-10 14:44 - 000000906 _____ C:\Users\Public\Desktop\RogueKiller.lnk
2018-04-29 03:48 - 2018-04-29 03:48 - 036606168 _____ (Adlice Software ) C:\Users\Omistaja\Downloads\setup(1).exe
2018-04-29 03:15 - 2018-04-29 03:15 - 000001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2018-04-29 03:15 - 2018-04-29 03:15 - 000001111 _____ C:\Users\Public\Desktop\paint.net.lnk
2018-04-29 03:15 - 2018-04-29 03:15 - 000000000 ____D C:\Program Files\paint.net
2018-04-29 03:14 - 2018-04-29 03:18 - 000000000 ____D C:\Users\Omistaja\AppData\Local\paint.net
2018-04-29 02:52 - 2018-04-29 06:27 - 000000918 _____ C:\Users\Omistaja\Desktop\visit www.nosteam.ro.lnk
2018-04-29 02:52 - 2018-04-29 03:41 - 000000999 _____ C:\Users\Omistaja\Desktop\Play GTA IV Multiplayer.lnk
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2018-05-29 06:57 - 2017-04-17 13:44 - 000000000 ____D C:\FRST
2018-05-29 06:56 - 2017-02-22 01:52 - 000000000 ____D C:\Users\Omistaja\Downloads\Log
2018-05-29 06:53 - 2016-11-17 00:19 - 000000000 ____D C:\Users\Omistaja\AppData\LocalLow\Mozilla
2018-05-29 06:49 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-29 06:46 - 2018-04-12 17:56 - 000437354 _____ C:\WINDOWS\system32\perfh00B.dat
2018-05-29 06:46 - 2018-04-12 17:56 - 000081474 _____ C:\WINDOWS\system32\perfc00B.dat
2018-05-29 06:46 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-05-29 06:40 - 2018-04-20 11:33 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-29 06:39 - 2018-04-14 05:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-05-29 06:38 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-29 06:37 - 2018-04-12 01:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-05-29 06:37 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-29 06:31 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-29 06:09 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-29 03:40 - 2018-04-20 11:21 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Guild Wars 2
2018-05-29 02:44 - 2018-04-19 11:54 - 000000000 ____D C:\Program Files\Common Files\AV
2018-05-28 23:05 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-28 21:54 - 2016-12-12 04:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2018-05-28 20:04 - 2018-04-14 09:54 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Google
2018-05-28 20:04 - 2018-04-14 09:54 - 000000000 ____D C:\Program Files (x86)\Google
2018-05-28 09:53 - 2017-10-09 10:24 - 000000000 ____D C:\Users\Omistaja\Desktop\Firefoxin vanhat tiedot
2018-05-28 09:52 - 2018-04-26 23:45 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Adobe
2018-05-28 09:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-05-28 09:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-28 08:27 - 2018-04-20 10:58 - 000002100 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-05-28 07:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\registration
2018-05-28 06:44 - 2016-12-17 05:37 - 000000556 _____ C:\Users\Omistaja\Desktop\JRT.txt
2018-05-28 06:28 - 2017-01-04 12:13 - 000002072 _____ C:\Users\Omistaja\Desktop\Rkill.txt
2018-05-28 05:21 - 2018-04-21 00:17 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\vlc
2018-05-28 03:27 - 2018-01-16 03:17 - 000000000 ____D C:\Users\Omistaja\Documents\BnS
2018-05-28 01:49 - 2018-04-20 12:00 - 000000000 ____D C:\Users\Omistaja\AppData\Local\CrashDumps
2018-05-27 05:16 - 2018-04-21 21:09 - 000000000 ____D C:\Users\Omistaja\AppData\Local\UnrealEngine
2018-05-27 00:48 - 2016-11-12 03:52 - 000000000 ____D C:\Users\Omistaja\Documents\Nexus Mod Manager
2018-05-26 20:23 - 2018-04-20 10:56 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-05-26 06:33 - 2017-05-10 21:35 - 000000000 ___RD C:\Users\Omistaja\Documents\Electronic Arts
2018-05-26 06:27 - 2017-05-10 21:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 3 Complete Collection
2018-05-26 05:02 - 2016-12-29 10:17 - 000000000 ____D C:\Users\Omistaja\Downloads\fallout 3
2018-05-25 21:16 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-25 14:50 - 2017-01-16 15:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-05-24 19:45 - 2018-04-20 14:31 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Black_Tree_Gaming
2018-05-24 19:45 - 2018-01-22 02:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2018-05-20 22:53 - 2018-04-14 05:55 - 000000000 ____D C:\Users\Omistaja\AppData\Local\NVIDIA Corporation
2018-05-20 13:07 - 2018-02-01 13:18 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-05-19 21:16 - 2016-12-29 10:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fallout Mod Manager
2018-05-19 20:29 - 2018-02-18 02:44 - 000000000 ____D C:\Users\Omistaja\AppData\LocalLow\illusion__Koikatu
2018-05-19 03:47 - 2017-07-10 03:36 - 018176512 _____ C:\Users\Omistaja\Downloads\YandereSimulator.exe
2018-05-19 01:04 - 2018-04-20 20:48 - 000000926 _____ C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2018-05-19 01:04 - 2018-04-20 20:48 - 000000878 _____ C:\Users\Omistaja\Desktop\Start Tor Browser.lnk
2018-05-18 23:09 - 2018-04-14 05:55 - 000000000 ____D C:\Users\Omistaja\AppData\Local\NVIDIA
2018-05-18 13:00 - 2018-04-20 10:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-05-18 13:00 - 2018-04-20 10:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-05-18 01:22 - 2018-04-20 10:24 - 000001012 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-05-18 00:03 - 2018-04-14 05:55 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Packages
2018-05-17 21:52 - 2018-04-12 01:34 - 000006656 _____ C:\WINDOWS\system32\lpcio.dll
2018-05-17 21:36 - 2015-10-16 09:02 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-05-17 21:34 - 2018-04-14 05:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-17 21:34 - 2018-04-14 05:27 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-05-17 21:07 - 2018-04-20 12:33 - 000000000 ____D C:\Program Files\My Lockbox
2018-05-17 20:36 - 2018-04-20 14:58 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Ubisoft Game Launcher
2018-05-16 12:40 - 2018-04-05 21:26 - 000000255 _____ C:\Users\Omistaja\Documents\nabster.ini
2018-05-15 16:52 - 2017-08-09 23:05 - 000000000 ____D C:\Users\Omistaja\Desktop\Guru3D.com
2018-05-14 19:11 - 2015-08-13 07:21 - 000000000 ____D C:\Program Files\mcafee
2018-05-11 18:21 - 2017-12-25 07:19 - 000000000 ____D C:\Users\Omistaja\Desktop\enb
2018-05-11 11:11 - 2018-04-05 21:25 - 000000402 _____ C:\Users\Omistaja\Documents\nabster_cfg.ini
2018-05-10 14:44 - 2017-04-13 19:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RogueKiller
2018-05-09 22:10 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-05-09 07:25 - 2018-04-20 10:57 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-05-09 06:21 - 2017-12-24 15:22 - 000000000 ___RD C:\Users\Omistaja\3D Objects
2018-05-09 06:21 - 2015-08-13 07:31 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-09 06:15 - 2018-04-12 17:58 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-09 06:15 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-05-09 05:58 - 2018-04-20 10:25 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 05:56 - 2018-04-20 10:24 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 05:55 - 2018-04-20 10:24 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-08 21:25 - 2017-03-16 14:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-08 21:03 - 2018-04-14 05:58 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Comms
2018-05-08 13:46 - 2017-06-08 21:45 - 000000000 ____D C:\Users\Omistaja\Downloads\Emule
2018-05-08 07:07 - 2018-04-20 12:12 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-05-08 07:02 - 2018-04-20 12:06 - 000000000 ____D C:\ProgramData\AVAST Software
2018-05-08 06:16 - 2018-04-20 10:45 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-06 10:05 - 2018-04-20 16:03 - 000000000 ____D C:\Users\Omistaja\AppData\Local\BlackDesertOnline
2018-05-04 10:18 - 2015-10-16 08:58 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-03 12:41 - 2018-04-27 10:03 - 000000000 ____D C:\Users\Omistaja\AppData\Local\PlaceholderTileLogoFolder
2018-05-03 04:18 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-03 00:51 - 2018-04-14 05:55 - 000000000 ____D C:\Users\Omistaja\AppData\Local\ConnectedDevicesPlatform
2018-05-02 12:38 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-05-02 12:20 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-05-02 12:19 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-02 12:12 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-02 12:11 - 2018-04-14 05:50 - 000022984 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-02 12:08 - 2015-10-16 09:00 - 001369554 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2018-05-02 12:03 - 2017-10-20 01:41 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Klub 17
2018-05-02 12:03 - 2017-02-05 04:21 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon
2018-05-02 12:03 - 2017-01-28 19:12 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The Elder Scrolls Online
2018-05-02 12:03 - 2016-11-13 07:14 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\My Lockbox
2018-05-02 12:03 - 2016-11-12 01:52 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-02 12:00 - 2018-03-28 10:28 - 000000000 ____D C:\Users\Omistaja\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2018-05-02 11:56 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-02 11:55 - 2018-04-14 05:27 - 000319059 _____ C:\WINDOWS\system32\Drivers\RTWAVES40.dat
2018-05-02 11:55 - 2018-04-14 05:27 - 000006786 _____ C:\WINDOWS\system32\Drivers\rtwavesEFX.dat
2018-05-02 11:55 - 2018-04-14 05:27 - 000002626 _____ C:\WINDOWS\system32\Drivers\rtwavesMFX.dat
2018-05-02 11:55 - 2018-04-14 05:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-05-02 11:55 - 2015-10-16 08:59 - 000001300 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AudioWizard.lnk
2018-05-02 11:51 - 2018-04-26 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Data Recovery Wizard
2018-05-02 11:51 - 2018-04-26 09:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
2018-05-02 11:51 - 2018-04-20 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2018-05-02 11:51 - 2018-04-14 05:04 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-02 11:51 - 2018-04-14 05:04 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-02 11:51 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2018-05-02 11:51 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-05-02 11:51 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-02 11:51 - 2018-04-12 01:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-02 11:51 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\DiagSvcs
2018-05-02 11:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-02 11:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-02 11:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\IME
2018-05-02 11:51 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
2018-05-02 11:51 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-02 11:51 - 2018-04-11 14:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-05-02 11:51 - 2018-03-25 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FINAL FANTASY XV
2018-05-02 11:51 - 2018-03-04 16:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glyph
2018-05-02 11:51 - 2018-03-04 16:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingdom Come Deliverance
2018-05-02 11:51 - 2018-02-04 16:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Assassin's Creed Origins
2018-05-02 11:51 - 2018-02-02 22:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free MP4 to AVI Converter (32-bit)
2018-05-02 11:51 - 2018-01-09 16:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Instagiffer
2018-05-02 11:51 - 2017-08-24 01:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CS6
2018-05-02 11:51 - 2017-08-09 21:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tom Clancy's Ghost Recon Wildlands
2018-05-02 11:51 - 2017-08-08 13:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Metal Gear Solid V The Phantom Pain
2018-05-02 11:51 - 2017-08-04 04:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HxD Hex Editor
2018-05-02 11:51 - 2017-02-22 01:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Perfect World Entertainment
2018-05-02 11:51 - 2017-01-20 11:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watch_Dogs 2
2018-05-02 11:51 - 2017-01-12 07:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Far Cry Primal
2018-05-02 11:51 - 2017-01-04 06:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Duplicate File Finder
2018-05-02 11:51 - 2017-01-04 03:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2018-05-02 11:51 - 2016-11-19 17:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-05-02 11:51 - 2016-11-13 06:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-02 11:51 - 2016-11-12 01:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-02 11:51 - 2015-10-16 09:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-02 11:51 - 2015-10-16 09:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Music Maker
2018-05-02 11:51 - 2015-10-16 09:00 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2018-05-02 11:51 - 2015-10-16 08:58 - 000000000 ____D C:\Program Files\Intel
2018-05-02 11:51 - 2015-08-13 07:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2018-05-02 11:51 - 2015-08-13 07:20 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector 10
2018-05-02 11:51 - 2015-08-13 07:17 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PhotoDirector 3
2018-05-02 11:51 - 2015-08-13 05:43 - 000000000 ____D C:\WINDOWS\SysWOW64\OEM
2018-05-02 11:30 - 2018-04-12 01:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-02 11:29 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2018-05-02 11:28 - 2018-04-14 05:27 - 000000000 ____D C:\WINDOWS\system32\Drivers\NVIDIA Corporation
2018-05-02 11:28 - 2018-04-12 17:57 - 000000000 ____D C:\WINDOWS\OCR
2018-05-02 11:28 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2018-05-02 11:28 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2018-05-02 11:28 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-05-02 11:28 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-05-02 11:28 - 2018-04-12 17:56 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\dsc
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-02 11:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-05-02 11:28 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-02 11:27 - 2018-04-14 05:27 - 000000000 ____D C:\Program Files\Realtek
2018-05-02 11:27 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\system
2018-05-02 11:27 - 2018-01-18 05:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SQUARE ENIX
2018-05-02 11:27 - 2018-01-15 22:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCSOFT
2018-05-02 11:27 - 2018-01-12 17:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NifTools
2018-05-02 11:27 - 2018-01-09 17:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2018-05-02 11:27 - 2017-08-04 12:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2018-05-02 11:27 - 2017-08-02 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WB Games
2018-05-02 11:27 - 2017-06-06 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-05-02 11:27 - 2017-05-27 15:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bethesda Softworks
2018-05-02 11:27 - 2017-04-14 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits
2018-05-02 11:27 - 2017-02-02 21:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strogino CS Portal
2018-05-02 11:27 - 2017-01-04 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2
2018-05-02 11:27 - 2017-01-04 07:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCWest
2018-05-02 11:27 - 2016-12-09 19:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GMT-MAX.ORG
2018-05-02 11:27 - 2016-12-04 00:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
2018-05-02 11:27 - 2015-08-13 07:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2018-05-02 11:23 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-05-02 11:23 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-05-02 11:23 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\servicing
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-02 11:08 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-02 06:58 - 2018-04-20 14:20 - 000000000 ____D C:\ProgramData\RogueKiller
2018-05-02 06:58 - 2010-02-01 00:00 - 000000000 ____D C:\Users\Omistaja\Desktop\OpenHardwareMonitor
2018-05-02 06:57 - 2018-04-20 14:58 - 000000000 ____D C:\Program Files (x86)\EasyAntiCheat
2018-05-01 23:22 - 2018-04-12 01:41 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-05-01 23:22 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-05-01 02:53 - 2018-04-20 14:28 - 000000000 ____D C:\Users\Omistaja\AppData\Local\LOOT
2018-04-29 00:46 - 2018-04-14 05:56 - 000000000 ____D C:\Users\Omistaja\AppData\Local\Publishers
 
Some files in TEMP:
====================
2018-05-29 01:41 - 2018-05-29 01:41 - 016781864 _____ (Symantec Corporation) C:\Users\Omistaja\AppData\Local\Temp\nssSetup.exe
 
==================== Bamital & volsnap ======================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
 
LastRegBack: 2018-05-02 11:52
 
==================== End of FRST.txt ============================
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Omistaja (29-05-2018 06:58:18)
Running from C:\Users\Omistaja\Downloads\Uusi kansio
Windows 10 Home Version 1803 17134.48 (X64) (2018-05-02 10:21:10)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
DefaultAccount (S-1-5-21-544805583-3260788696-181003874-503 - Limited - Disabled)
Järjestelmänvalvoja (S-1-5-21-544805583-3260788696-181003874-500 - Administrator - Disabled)
Omistaja (S-1-5-21-544805583-3260788696-181003874-1001 - Administrator - Enabled) => C:\Users\Omistaja
Vieras (S-1-5-21-544805583-3260788696-181003874-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-544805583-3260788696-181003874-504 - Limited - Disabled)
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Adobe Flash Player 29 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 29.0.0.171 - Adobe Systems Incorporated)
Adobe Photoshop CS6 version 13.0.1 (HKLM-x32\...\{A724DC44-6241-42D3-BA57-778B178ABC17}_is1) (Version: 13.0.1 - Adobe Systems, Inc.)
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{815AC3A5-2335-4745-845D-7C9EC82C6E84}) (Version: 20.11.301.4403 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{815AC3A5-2335-4745-845D-7C9EC82C6E84}) (Version: 20.11.301.4403 - Alcor Micro Corp.)
ASUS App Box (HKLM-x32\...\{F0CE6060-50B1-401E-8357-B6E24DB98D21}) (Version: 1.01.06 - ASUSTeK Computer Inc.)
ASUS Manager - Ai Booting (HKLM-x32\...\{2DCE446C-D090-4458-8782-8F16DF94351E}) (Version: 2.01.15 - ASUSTeK Computer Inc.)
ASUS Manager - Backup & Recovery (HKLM-x32\...\{34D67DE5-2ECF-4E6B-A243-2C16E2792787}) (Version: 2.01.15 - ASUSTeK Computer Inc.)
ASUS Manager - PC Cleanup (HKLM-x32\...\{E22A19AE-7DDB-4959-B1DB-A0996294352A}) (Version: 2.01.14 - ASUSTeK Computer Inc.)
ASUS Manager - Power Manager (HKLM-x32\...\{DD248BEE-E925-4720-A775-9A42276BB6EA}) (Version: 2.02.06 - ASUSTeK Computer Inc.)
ASUS Manager - SyncUp (HKLM-x32\...\{C2294792-457D-4DF7-9486-B630754C73D0}) (Version: 2.00.10 - ASUSTeK Computer Inc.)
ASUS Manager - Update (HKLM-x32\...\{675BBE8A-0ED3-4048-8723-BA51EAB8E1A8}) (Version: 2.03.03 - ASUSTeK Computer Inc.)
ASUS Manager (HKLM-x32\...\{F5E5AD85-4A90-4604-A887-464D3818D8FD}) (Version: 2.10.01 - ASUSTeK Computer Inc.)
ASUS Music Maker (HKLM\...\{5FDB730E-6091-4125-AA5D-1143A091E32B}) (Version: 21.0.3.44 - MAGIX Software GmbH) Hidden
ASUS Music Maker (HKLM-x32\...\MX.{5FDB730E-6091-4125-AA5D-1143A091E32B}) (Version: 21.0.3.44 - MAGIX Software GmbH)
ASUS Music Maker Soundpools (HKLM\...\{15634847-BDA3-4A0D-84C7-C5175E49C745}) (Version: 1.0.0.0 - MAGIX Software GmbH) Hidden
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.4888 - AVAST Software)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.4.2338 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.5524 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4307 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4307 - CyberLink Corp.)
Device Setup (HKLM-x32\...\{1F07F2C7-596F-4F34-B805-2C61A3E50E5A}) (Version: 1.0.22 - ASUSTek Computer Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 391.35 - NVIDIA Corporation) Hidden
EaseUS Data Recovery Wizard (HKLM\...\EaseUS Data Recovery Wizard_is1) (Version:  - EaseUS)
Evernote v. 5.8.6 (HKLM-x32\...\{FEDC7C10-EF67-11E4-9B07-00505695D7B0}) (Version: 5.8.6.7519 - Evernote Corp.)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Firebird SQL Server - MAGIX Edition (HKLM-x32\...\{39AB2E37-1A55-4292-A5D3-971E9F70D0F8}) (Version: 2.1.32.0 - MAGIX AG)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.123 - Google Inc.) Hidden
GTA IV: The Complete Edition (HKLM-x32\...\GTA IV: The Complete Edition_is1) (Version:  - )
Icaros 3.0.3 (HKLM\...\Icaros_is1) (Version: 3.0.3.000 - Tabibito Technology)
Intel® Chipset Device Software (HKLM-x32\...\{c6cff78a-cccb-49d5-be68-ae0ec5f0d48a}) (Version: 10.1.1.8 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1156 - Intel Corporation)
Intel® Network Connections 20.1.2019.0 (HKLM\...\PROSetDX) (Version: 20.1.2019.0 - Intel)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.0.1081 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
LOOT version 0.12.5 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.12.5 - LOOT Team)
MAGIX Content and Soundpools (HKLM-x32\...\MAGIX_GlobalContent) (Version: 1.0.0.0 - MAGIX Software GmbH)
Malwarebytes version 3.4.5.2467 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.4.5.2467 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 1.6.5230.111 - Waves Audio Ltd.) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Mozilla Firefox 60.0.1 (x64 fi) (HKLM\...\Mozilla Firefox 60.0.1 (x64 fi)) (Version: 60.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0.2 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
My Lockbox 4.1 (HKLM\...\My Lockbox_is1) (Version: 4.1 - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.65.2 - Black Tree Gaming)
NirSoft Wireless Network Watcher (HKLM-x32\...\NirSoft Wireless Network Watcher) (Version:  - )
NVIDIA 3D Vision -ohjain 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA 3D Vision -ohjain 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 391.35 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.13.1.30 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.13.1.30 - NVIDIA Corporation)
NVIDIA Grafiikkaohjain 391.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 391.35 - NVIDIA Corporation)
NVIDIA HD-ääniohjain 1.3.36.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.36.6 - NVIDIA Corporation)
NVIDIA PhysX-järjestelmäohjelmisto 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenIV (HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\OpenIV) (Version: 3.0.1004 - .black/OpenIV Team)
paint.net (HKLM\...\{E8FA8815-3817-4128-A814-E2EAC456ADF0}) (Version: 4.0.21 - dotPDN LLC)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7548 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Revo Uninstaller 2.0.5 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.5 - VS Revo Group, Ltd.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.3.8 - Rockstar Games)
RogueKiller version 12.12.16.0 (HKLM\...\8B3D7924-ED89-486B-8322-E8594065D5CB_is1) (Version: 12.12.16.0 - Adlice Software)
Skype™ 7.41 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.41.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
The Sims 2 Ultimate Collection version 1.17.0.66 (HKLM-x32\...\The Sims 2 Ultimate Collection_is1) (Version: 1.17.0.66 - Mr DJ)
The Sims 3 Complete Collection version 1.67.2 (HKLM-x32\...\The Sims 3 Complete Collection_is1) (Version: 1.67.2 - Mr DJ)
The Sims 4 (HKLM-x32\...\The Sims 4_is1) (Version:  - )
Update Installer for WildTangent Games App (HKLM-x32\...\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App) (Version:  - WildTangent) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 50.0 - Ubisoft)
WebStorage (HKLM-x32\...\WebStorage) (Version: 2.1.11.399 - ASUS Cloud Corporation)
WildTangent Games App (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-asus) (Version: 4.0.11.16 - WildTangent)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
ShellIconOverlayIdentifiers: [!AsusWSShellExt_B] -> {6D4133E5-0742-4ADC-8A8C-9303440F7191} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_O] -> {64174815-8D98-4CE6-8646-4C039977D809} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [!AsusWSShellExt_U] -> {1C5AB7B1-0B38-4EC4-9093-7FD277E2AF4E} => C:\Program Files (x86)\Common Files\AWS\2.1.11.399\ASUSWSShellExt64.dll [2013-06-26] (ASUS Cloud Corporation.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers3: [BackupContextMenuExtension] -> {b1b96b20-da1d-4a3c-92c1-7229b32f2326} => C:\Windows\system32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-03-24] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-05-18] (AVAST Software)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-03-27] (Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {006EC73F-E7A3-4E7B-B51C-E2DF162BD16A} - System32\Tasks\S-1-5-21-544805583-3260788696-181003874-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {0C6985CD-E19E-41EB-A4CF-207694D8A297} - System32\Tasks\ASUS\ASUS Manager HotKey Service => C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe [2014-03-20] (ASUSTeK Computer Inc.)
Task: {2FCB69FE-8621-4E30-B821-9449E7E9E814} - System32\Tasks\ASUS\ASUS Manager BackgroundWindow => C:\Program Files (x86)\ASUS\ASUS Manager\BackgroundWindow.exe [2015-02-03] ()
Task: {4CB2D468-AA76-4928-9309-3E1BA322B63D} - System32\Tasks\ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground => C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe [2014-06-04] ()
Task: {4FFDF97F-5A87-4F9A-B993-387A58C9EC50} - System32\Tasks\ASUS\ASUS Updater => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSFourceUpdater.exe [2015-02-14] ()
Task: {62272857-4835-4E99-B65F-B4414E6E8BBE} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2018-05-09] (AVAST Software)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6BFE7500-22BD-4375-8F0E-2FA307A60620} - System32\Tasks\Norton Product InstallerIdle => C:\Users\Omistaja\AppData\Local\Temp\7zSEFEE.tmp\SymInstallStub.exe <==== ATTENTION
Task: {79AA9D63-EBF2-442B-AE1E-48AB4159A423} - System32\Tasks\ASUS\SyncUp => C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe [2015-04-02] (ASUSTeK Computer Inc.)
Task: {7E2F7C3A-9558-4F7B-BB0B-5985BAEB5830} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-15] (ASUSTek Computer Inc.)
Task: {9D718065-E66E-499E-AC04-AF1C8ED0E893} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe [2015-06-25] ()
Task: {B894D9A2-9919-421C-841D-38E7CBE6259C} - System32\Tasks\Norton Product Installer => C:\Users\Omistaja\AppData\Local\Temp\7zSEFEE.tmp\SymInstallStub.exe <==== ATTENTION
Task: {BD08B2F1-9929-4012-9D4C-5159B8943701} - System32\Tasks\ASUS\Power_Manager_background => C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe [2014-09-13] (ASUSTeK)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
Task: C:\WINDOWS\Tasks\Norton Product Installer.job => C:\Users\Omistaja\AppData\Local\Temp\7zSEFEE.tmp\SymInstallStub.exeK/partnerid=symantec /productlist=nss /staging=false /delay=0 /launchedby=2 C:\Users\Omistaja\AppData\Local\Temp\7zSEFEE.tmp <==== ATTENTION
Task: C:\WINDOWS\Tasks\Norton Product InstallerIdle.job => C:\Users\Omistaja\AppData\Local\Temp\7zSEFEE.tmp\SymInstallStub.exeK/partnerid=symantec /productlist=nss /staging=false /delay=0 /launchedby=4 C:\Users\Omistaja\AppData\Local\Temp\7zSEFEE.tmp <==== ATTENTION
 
==================== Shortcuts & WMI ========================
 
(The entries could be listed to be restored or removed.)
 
 
==================== Loaded Modules (Whitelisted) ==============
 
2018-04-20 11:52 - 2018-03-24 03:19 - 000544192 _____ () C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem\DisplayDriverAnalyzer\_DisplayDriverCrashAnalyzer64.dll
2015-08-13 07:20 - 2012-04-24 12:43 - 000390632 _____ () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-05-19 19:11 - 2015-05-19 19:11 - 000007680 _____ () C:\Program Files (x86)\Intel\Intel® Security Assist\isaHelperService.exe
2018-05-17 21:34 - 2018-03-24 03:19 - 001267648 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-16 09:07 - 2014-06-04 00:59 - 000930448 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\PC Cleanup\SecureDeleteBackground.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2015-10-16 09:07 - 2014-03-13 00:51 - 000907776 _____ () C:\Windows\PCCleanupContextMenu\x64\ContextMenuHandler.dll
2018-04-12 01:35 - 2018-04-12 17:58 - 002184704 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-16 09:06 - 2013-11-06 12:58 - 000920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2018-05-28 20:04 - 2018-05-15 05:13 - 004443992 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libglesv2.dll
2018-05-28 20:04 - 2018-05-15 05:13 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\libegl.dll
2015-10-16 09:07 - 2014-01-22 20:36 - 000753664 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\WiMoveHelp.dll
2015-10-16 09:07 - 2014-01-22 20:35 - 000684032 _____ () C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\PhoneCtrlAPI.dll
2018-05-08 07:06 - 2018-05-08 07:06 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-05-18 13:03 - 2018-05-18 13:03 - 000482520 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-18 13:03 - 2018-05-18 13:03 - 000293592 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-04-20 11:36 - 2018-05-01 09:32 - 000788256 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-04-20 11:35 - 2016-09-01 03:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-04-20 11:35 - 2018-05-19 01:01 - 002632480 _____ () C:\Program Files (x86)\Steam\video.dll
2018-04-20 11:35 - 2016-09-01 03:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-04-20 11:35 - 2016-09-01 03:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-04-20 11:35 - 2017-12-20 03:43 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-04-20 11:35 - 2017-12-20 03:43 - 000695584 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-04-20 11:35 - 2017-12-20 03:43 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-04-20 11:35 - 2017-12-20 03:43 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-04-20 11:35 - 2017-12-20 03:43 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-04-20 11:36 - 2018-05-19 01:01 - 000979232 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-04-20 11:35 - 2016-07-05 00:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2017-09-26 21:22 - 2017-09-26 21:22 - 001984000 ____R () C:\Program Files (x86)\Skype\Phone\skypert.dll
2018-04-21 19:44 - 2016-09-12 14:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2018-04-20 11:39 - 2018-05-01 09:32 - 000788256 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\SDL2.dll
2018-04-20 11:39 - 2018-05-14 21:39 - 083524384 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\libcef.dll
2018-04-20 11:35 - 2015-09-25 01:52 - 000119208 _____ () C:\Program Files (x86)\Steam\winh264.dll
2018-04-20 11:39 - 2018-05-14 21:39 - 002253600 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libglesv2.dll
2018-04-20 11:39 - 2018-05-14 21:39 - 000109856 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7\swiftshader\libegl.dll
2015-10-16 09:06 - 2018-05-29 06:41 - 000033936 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2015-10-16 09:06 - 2010-06-29 04:58 - 000104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2015-07-07 06:36 - 2015-07-07 06:36 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10:n päivitysavustaja.lnk [408]
AlternateDataStreams: C:\Users\Omistaja\Desktop\Windows 10:n päivitysavustaja.lnk [402]
 
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\05649493.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\05649493.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
 
==================== Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
HKU\.DEFAULT\Software\Classes\exefile:  <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile =>  <==== ATTENTION
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\exefile:  <==== ATTENTION
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\.exe: exefile =>  <==== ATTENTION
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Omistaja\Pictures\CachedImage_1920_1080_POS4.jpg
DNS Servers: 192.168.0.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
MSCONFIG\Services: GamesAppIntegrationService => 2
MSCONFIG\Services: GamesAppService => 3
MSCONFIG\Services: PEFService => 2
HKU\S-1-5-21-544805583-3260788696-181003874-1001\...\StartupApproved\Run: => "OneDrive"
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{69758983-2F68-404E-A262-5D11BC0967F5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{B1B80E85-E55E-4A03-88C1-1FA2D0DFA9F5}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{E5509C02-7EC7-4B0A-8758-6D495DDB0F84}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{16B70E27-221E-4FB8-A4DC-A487B7046099}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{36D3E0F4-BA52-4245-A4EE-727D17C705FD}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{51889304-B7DA-4270-A7F0-9A4B56974811}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{17B33448-A623-4560-BB46-6A31297188C2}D:\games\grand theft auto v\gta5.exe] => (Block) D:\games\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{D7836B4B-C906-4BF7-A95B-EE90797A139E}D:\games\grand theft auto v\gta5.exe] => (Block) D:\games\grand theft auto v\gta5.exe
FirewallRules: [{9CCCBCD3-3902-4B88-8C5D-B18360E52662}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{58DDC1CD-5F1A-408D-8CC5-9F10FA149024}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{4FF170C0-D79D-4C90-943C-3F5D5A675425}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{7CF8E55C-EED7-450D-9CBB-B94C283598CB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{85A52D86-3A53-4F53-AA5E-CF3D78DE1F17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A49E3737-ED14-458D-8DD3-322993A88CFC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F3EDD008-DEBE-4930-81E5-76FDAA47103D}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{4AE0EE6E-EB7F-4407-B6FA-59A1524DF131}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EB1A3362-ABC8-4387-9837-8B8CD9BB4BF0}] => (Allow) D:\Games\Far Cry 5\steamapps\common\FarCry5\bin\FarCry5.exe
FirewallRules: [{D10EDF60-1B08-437E-A615-238C47EF2846}] => (Allow) D:\Games\Far Cry 5\steamapps\common\FarCry5\bin\FarCry5.exe
FirewallRules: [{8D919468-74D0-4625-A5E6-8B7D4701D30E}] => (Allow) D:\Games\Far Cry 5\steamapps\common\FarCry5\bin\ArcadeEditor64.exe
FirewallRules: [{0D904DED-18F8-48C1-A6A6-72ABDB58F9B7}] => (Allow) D:\Games\Far Cry 5\steamapps\common\FarCry5\bin\ArcadeEditor64.exe
FirewallRules: [{892834F6-1BE1-4DA8-A5D3-05EA17650F50}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{9C3AE3AF-D919-4FC6-BB1E-683A07718E6F}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
FirewallRules: [{5B2213FD-B11A-4659-8A7C-3D7085F411B6}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\Server\SyncUp Server.exe
FirewallRules: [{952563AD-3B9A-4599-AD27-323D360F4630}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe
FirewallRules: [{9D154507-EA4D-465C-880A-02130808FAE6}] => (Allow) C:\Program Files (x86)\ASUS\ASUS Manager\SyncUp\ASUSDMS.exe
 
==================== Restore Points =========================
 
28-05-2018 22:53:22 Windowsin moduulien asennusohjelma
 
==================== Faulty Device Manager Devices =============
 
Name: avast! SecureLine TAP Adapter v3
Description: avast! SecureLine TAP Adapter v3
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: TAP-Windows Provider V9
Service: aswTap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (05/29/2018 06:58:48 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Restoring the software security service at 2118-05-05T04: 58: 48Z failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:58:18 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Setting up the Software Security Service Restart at 2118-05-05T04: 58: 18Z failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:57:48 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Setting up the Software Security Service Restart at 2118-05-05T04: 57: 48Z failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:57:18 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Restarting the Software Security Service Restart at 2118-05-05T04: 57: 18Z failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:56:48 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Restoring the software security service at 2118-05-05T04: 56: 48Z failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:56:18 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Restoring the Software Security Service Restart at 2118-05-05T04: 56: 18Z Failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:55:48 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Restoring the software security service at 2118-05-05T04: 55: 48Z failed. Error Code: 0x80070005.
 
Error: (05/29/2018 06:55:18 AM) (SourceID: Software Protection Platform Service) (EventID: 16385) (User:)
Description: Restoring the software security service at 2118-05-05T04: 55: 18Z failed. Error Code: 0x80070005.
 
 
System errors:
=============
Error: (05/29/2018 06:53:26 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3UUUMF)
Description: The application-specific permissions for the object do not grant DESKTOP-R3UUUMF \ Owner, SID (S-1-5-21-544805583-3260788696-181003874-1001) from LocalHost (LRPC enabled), local access to the COM server application The CLSID is
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and the APPID ID is
{9CA88EE3-ACB7-47C8-afc4-AB702511C276}
 and executed in the application store Unavailable, SID (Not Available). This security license can be modified using the Component Services Management Tool.
 
Error: (05/29/2018 06:40:42 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3UUUMF)
Description: The application-specific permissions for the object do not grant DESKTOP-R3UUUMF \ Owner, SID (S-1-5-21-544805583-3260788696-181003874-1001) from LocalHost (LRPC enabled), local access to the COM server application The CLSID is
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and the APPID ID is
{9CA88EE3-ACB7-47C8-afc4-AB702511C276}
 and executed in the application store Unavailable, SID (Not Available). This security license can be modified using the Component Services Management Tool.
 
Error: (05/29/2018 06:33:22 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-R3UUUMF)
Description: The application-specific permissions for the object do not grant DESKTOP-R3UUUMF \ Owner, SID (S-1-5-21-544805583-3260788696-181003874-1001) from LocalHost (LRPC enabled), local access to the COM server application The CLSID is
{D63B10C5-BB46-4990-A94F-E40B9D520160}
 and the APPID ID is
{9CA88EE3-ACB7-47C8-afc4-AB702511C276}
 and executed in the application store Unavailable, SID (Not Available). This security license can be modified using the Component Services Management Tool.
 
Error: (05/29/2018 06:25:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R3UUUMF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} was not registered with DCOM within the given time.
 
Error: (05/29/2018 06:25:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R3UUUMF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} was not registered with DCOM within the given time.
 
Error: (05/29/2018 06:25:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R3UUUMF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} was not registered with DCOM within the given time.
 
Error: (05/29/2018 06:25:53 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-R3UUUMF)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} was not registered with DCOM within the given time.
 
Error: (05/29/2018 06:25:53 AM) (Source: DCOM) (EventID:
 
 
Date: 2018-05-29 06:39:46.056
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-29 06:39:46.007
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-29 06:32:06.912
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-29 06:32:06.720
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-28 20:28:43.388
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-28 20:28:43.189
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-28 10:44:01.571
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
Date: 2018-05-28 10:44:01.509
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4460 CPU @ 3.20GHz
Percentage of memory in use: 39%
Total physical RAM: 8131.16 MB
Available physical RAM: 4949 MB
Total Virtual: 19395.16 MB
Available Virtual: 14613.77 MB
 
==================== Drives ================================
 
Drive c: (Windows) (Fixed) (Total:150 GB) (Free:42.68 GB) NTFS
Drive d: (Data) (Fixed) (Total:780.91 GB) (Free:22.51 GB) NTFS
 
\\?\Volume{85507d28-33ff-4678-9161-96a854dd5a1d}\ (Windows RE tools) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{bea9b8d6-b85a-4274-af73-9197c2d194ef}\ (SYSTEM) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 40E891CE)
 
Partition: GPT.
 
==================== End of Addition.txt ============================

Edited by Duregarthemoon, 29 May 2018 - 01:32 AM.


BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:03 PM

Posted 29 May 2018 - 07:34 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

Press the Windows key + r on your keyboard at the same time. This will open the RUN BOX.
Type Notepad and and click the OK key.

Please copy the entire contents of the code box below to a new file.
 
Start

CreateRestorePoint:
EmptyTemp:
CloseProcesses:

S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
C:\Windows\Tasks\Norton Product Installer.job
C:\WindowsWINDOWS\Tasks\Norton Product InstallerIdle.job
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10:n päivitysavustaja.lnk [408]
AlternateDataStreams: C:\Users\Omistaja\Desktop\Windows 10:n päivitysavustaja.lnk [402]
HKU\.DEFAULT\Software\Classes\exefile:  <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile =>  <==== ATTENTION
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\exefile:  <==== ATTENTION
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\.exe: exefile =>  <==== ATTENTION
End
Save the file as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

Reset Chrome...
Open Google Chrome, click on menu icon google-chrome-setting-icon.png or the 3 vertical dots located right side top of the google chrome.
 
Click "Settings" then "Show advanced settings" at the bottom of the screen.
 
Click "Reset browser settings" button.
 
Restart Chrome.
<<<>>>

Please let me know what problem persists with this computer.

Edited by nasdaq, 30 May 2018 - 06:20 AM.


#3 Duregarthemoon

Duregarthemoon
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 29 May 2018 - 12:48 PM

Hello, nasdaq thank you for fast reply and assisting me before i run the script, can i know why it says my username is brandon instead of omistaja?.


Edited by Duregarthemoon, 29 May 2018 - 01:00 PM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:03 PM

Posted 30 May 2018 - 06:22 AM

Hi,

Good catch.

I must have had a senior moment. The top part of the fix was for an other topic.

I have again reviewed you logs and edited my fix above.

Please run it.

Let me know what problem persists.

#5 Duregarthemoon

Duregarthemoon
  • Topic Starter

  • Members
  • 13 posts
  • OFFLINE
  •  
  • Local time:05:03 AM

Posted 30 May 2018 - 02:21 PM

Hi nasdaq, i run the fix and computer booted fast and fine. However now i have this issue, i noticed in my taskmanager that keeps showing this cmd and connhost popups.

They launch really fast shows in taskmanager like 5 seconds then they hide. I have attached the fixlog and screenshot of task manager and its behaviour. Not really sure

what it is, but it seems kind of suspicious act.

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Omistaja (30-05-2018 21:05:10) Run:3
Running from C:\Users\Omistaja\Downloads\Uusi kansio
Loaded Profiles: Omistaja (Available Profiles: Omistaja)
Boot Mode: Normal
==============================================
 
fixlist content:
*****************
Start
 
CreateRestorePoint:
EmptyTemp:
CloseProcesses:
 
S3 xhunter1; \??\C:\WINDOWS\xhunter1.sys [X]
C:\Windows\Tasks\Norton Product Installer.job
C:\WindowsWINDOWS\Tasks\Norton Product InstallerIdle.job
AlternateDataStreams: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10:n p�ivitysavustaja.lnk [408]
AlternateDataStreams: C:\Users\Omistaja\Desktop\Windows 10:n p�ivitysavustaja.lnk [402]
HKU\.DEFAULT\Software\Classes\exefile:  <==== ATTENTION
HKU\.DEFAULT\Software\Classes\.exe: exefile =>  <==== ATTENTION
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\exefile:  <==== ATTENTION
HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\.exe: exefile =>  <==== ATTENTION
End
*****************
 
Restore point was successfully created.
Processes closed successfully.
"HKLM\System\CurrentControlSet\Services\xhunter1" => removed successfully
xhunter1 => service removed successfully
"C:\Windows\Tasks\Norton Product Installer.job" => not found
"C:\WindowsWINDOWS\Tasks\Norton Product InstallerIdle.job" => not found
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 => ":n p�ivitysavustaja.lnk" ADS could not remove.
C:\Users\Omistaja\Desktop\Windows 10 => ":n p�ivitysavustaja.lnk" ADS could not remove.
"HKU\.DEFAULT\Software\Classes\exefile" => removed successfully
"HKU\.DEFAULT\Software\Classes\.exe" => removed successfully
"HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\exefile" => removed successfully
"HKU\S-1-5-21-544805583-3260788696-181003874-1001\Software\Classes\.exe" => removed successfully
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 129887742 B
Java, Flash, Steam htmlcache => 186594332 B
Windows/system/drivers => 12789850 B
Edge => 3458664 B
Chrome => 33036218 B
Firefox => 393189402 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 3674 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Omistaja => 319830434 B
 
RecycleBin => 195728600 B
EmptyTemp: => 1.2 GB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 21:07:05 ====

Attached Files


Edited by Duregarthemoon, 30 May 2018 - 05:41 PM.


#6 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:03 PM

Posted 31 May 2018 - 08:03 AM

Hi,

On two occasions this problem was caused by the Office program.

Naviate to this page.
https://ugetfix.com/ask/how-to-stop-command-prompt-pop-up/

Execute the instructions on:
Method 2. Disable MS Office to stop cmd pop up

You may also check the Progams list and find out if you have a program that was installed recently without you knowledge.
See Method 1.

Keep me posted.

#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:03 PM

Posted 06 June 2018 - 06:44 AM

Are you still with me?

#8 nasdaq

nasdaq

  • Malware Response Team
  • 39,559 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:03 PM

Posted 12 June 2018 - 07:35 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users